AFRL posts Capabilities for Cyber Mission Assurance BAA
On July 7, the Air Force Research Laboratory posted a broad agency announcement for Capabilities for Cyber Mission Assurance (BAA-AFRL-RIK-2015-0015).
This Broad Agency Announcement (BAA) is a contracting tool directly responsive to Air Force Research Laboratory (AFRL) cyber science & technology (S&T) strategic goals and will address needs that are “left-of-the-threat”. AFRL is looking to procure solutions for anticipating and avoiding cyber threats.
To support these strategic goals, this BAA seeks to procure capabilities for avoiding threats through understanding the cyber situation, assessing potential impacts, and implementing deterrence and effects-based defensive methodologies. As such, it supports work in the areas of trusted hardware, trusted software, trusted data, secure systems/architectures, maneuverability, mission awareness, and mission assurance.
1) FY16 – FY17 SPECIFIC FOCUS AREA: ASSURED BY DESIGN
Background: Many cyber solutions currently focus on detecting attacks after they occur and then attempt to apply security mechanisms to existing hardware and software. This type of solution is inefficient and keeps systems and networks in a constant state of “react”. A more proactive approach is preventing and avoiding rather than detecting after the fact. This area seeks to develop mathematically rigorous tools and techniques that modify the cyber domain in favor of mission assurance.
Objective: To formally verify that hardware and software implementations meet mathematical specifications that prove correctness of secure designs and to lead research in technologies to mitigate new and emerging threats that could degrade capabilities by developing innovative solutions through science and engineering applications to national security problems. Results of this work would place missions orthogonal to threats. This focus area is not interested in concepts, approaches, and techniques that rely on detection and reaction. The Assured by Design area is divided into three main thrusts: Science of Mission Assurance, Engineering Assured Systems, and Domain Modification.
2) FY16-FY18 SPECIFIC FOCUS AREA: CYBER DECEPTION
Background: Deception is a deliberate act to conceal activity on the Air Force networks, create uncertainty and confusion against the adversary’s efforts to establish situational awareness and to influence and misdirect adversary perceptions and decision processes. Military deception is defined as “those actions executed to deliberately mislead adversary decision makers as to friendly military capabilities, intentions, and operations, thereby causing the adversary to take specific actions (or inactions) that will contribute to the accomplishment of the friendly mission.” Military forces have historically used techniques such as camouflage, feints, chaff, jammers, fake equipment, false messages or traffic to alter an enemy’s perception of reality. Modern day military planners need a capability that goes beyond the current state-of-the-art in cyber deception to provide a system or systems that can be employed by a commander when needed to enable deception to be inserted into defensive cyber operations.
Relevance and realism are the grand technical challenges to cyber deception. The application of the proposed technology must be relevant to operational and support systems within the DoD. The DoD operates within a highly standardized environment. Any technology that significantly disrupts or increases the cost to the standard of practice will not be adopted. If the technology is adopted, the defense system must appear legitimate to the adversary trying to exploit it.
Objective: To provide cyber-deception capabilities that could be employed by commanders to provide false information, confuse, delay, or otherwise impede cyber attackers to the benefit of friendly forces. Deception mechanisms must be incorporated in such a way that they are transparent to authorized users, and must introduce minimal functional and performance impacts, in order to disrupt DoD adversaries and not ourselves. As such, proposed techniques must consider how challenges relating to transparency and impact will be addressed. The security of such mechanisms is also paramount, so that their power is not co-opted by attackers against us for their own purposes. These techniques are intended to be employed for defensive purposes only on networks and systems controlled by the DoD.
This focus area is currently envisioned to consist of two phases running approximately 12 months each. The first phase (Concept Development) will consist of one to three study efforts that will examine potential deception technologies that could be developed. This will focus on the description, design and development of techniques and technologies that could be employed in an Air Force network. These efforts will be brought to a proof-of-concept level, and the implementations will be evaluated at the end of this phase. In the second phase (Prototyping), also lasting approximately 12 months, one or more of the concepts that show promise will be further developed to produce a prototype system capable of demonstration in a relevant environment. The system(s) developed by the end of this phase will be evaluated. At the end of this second phase, a “go/no-go” decision will be made to determine if the prototype(s) will undergo further refinement, evaluation, and potential integration with an eye toward transition.
Full information is available here.